
July 11, 2023 - Content Release

This content release includes parsing and mapping updates for Fortinet to account for variations in URL information in the logs, which sometimes led to malformed URLs being normalized; adjustments to Jamf mappings to account for case variations in certain fields; and the changes enumerated below.


Rules

  • [Updated] OUTLIER-S00010 Spike in URL Length from IP Address
    • Narrowed rule expression to NetworkHTTP and NetworkProxy records

Log Mappers

  • [Updated] Fortinet App Control Logs
  • [Updated] Fortinet DLP Logs
  • [Updated] Fortinet Event Logs
  • [Updated] Fortinet IPS Logs
  • [Updated] Fortinet Traffic Logs
  • [Updated] Fortinet Virus Logs
  • [Updated] Fortinet Webfilter Logs
  • [Updated] Jamf Audit User - Audit
  • [Updated] Jamf Audit User - Authentication
  • [Updated] Jamf Audit User - Endpoint
  • [Updated] Jamf Audit User - Network
  • [Updated] SentinelOne Logs - C2C threats
    • Adds alternate value for normalizedSeverity lookup


Parsers

  • [Updated] /Parsers/System/Cisco/Cisco Meraki
    • Support for more variation in content filtering block logs and additional drops for events of limited to no security value.

Copyright © 2023 by Sumo Logic, Inc.